﻿<?php
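session_start();
include "connectsql.php";

/*
 * Endpoint that echoes the per-manager upload path. Three request modes:
 *   1. session flag "ceo" + `id`            -> "upload/<hash>/"
 *   2. `name` + `managerid` + `ver` [...]   -> "upload/<hash>/;;<mode>;;<md5>;;<playlist>;;<md5>"
 *   3. `group` + `managerid` + `mac` + `s`  -> "upload/<hash>/;;<list xml>;;<md5>"
 *
 * Every request-supplied value is bound as a statement parameter; the script
 * previously concatenated $_REQUEST values straight into the SQL text.
 *
 * NOTE(review): this file starts with a UTF-8 BOM before the opening tag. Those
 * bytes are output before session_start(), which can stop the session cookie
 * header from being sent when output buffering is off. Removing it changes the
 * response bytes, so confirm what the clients expect first.
 * NOTE(review): table names come from the SetDB_*_TAB() helpers and cannot be
 * bound as parameters; confirm in connectsql.php that they quote or whitelist
 * the manager name they are given.
 * NOTE(review): the upload directory name is md5(manager . DB_PWD . manager) and
 * is echoed to the caller, so a hash derived from the database password leaves
 * the server. Changing it would move existing directories, so it is only flagged.
 */

/**
 * Run one SQL statement with all values bound as string parameters.
 *
 * Values are cast to string first so that NULL and numeric values reach the
 * server exactly as the old quoted-literal SQL sent them.
 * Relies on mysqli_stmt_get_result(), i.e. the mysqlnd driver.
 *
 * @param mysqli $link   open connection
 * @param string $sql    statement text with `?` placeholders
 * @param array  $params values for the placeholders, in order
 * @return mysqli_result|bool result set for a SELECT, true for a successful
 *                            write, false on any failure
 */
function getpath_query($link, $sql, $params = array())
{
	$stmt = mysqli_prepare($link, $sql);
	if (!$stmt) {
		return false;
	}
	if (count($params) > 0) {
		$values = array();
		foreach ($params as $value) {
			$values[] = (string)$value;
		}
		// mysqli_stmt_bind_param() takes its values by reference.
		$bind = array($stmt, str_repeat("s", count($values)));
		foreach ($values as $i => $unused) {
			$bind[] = &$values[$i];
		}
		if (!call_user_func_array("mysqli_stmt_bind_param", $bind)) {
			mysqli_stmt_close($stmt);
			return false;
		}
	}
	if (!mysqli_stmt_execute($stmt)) {
		mysqli_stmt_close($stmt);
		return false;
	}
	$result = mysqli_stmt_get_result($stmt);
	if ($result === false) {
		// No result set: a write that succeeded leaves errno at 0.
		$ok = (mysqli_stmt_errno($stmt) == 0);
		mysqli_stmt_close($stmt);
		return $ok;
	}
	mysqli_stmt_close($stmt);
	return $result;
}

/**
 * Fetch the next row as an associative array with numeric columns as strings.
 *
 * Prepared statements return native ints/floats, whereas mysqli_query() returned
 * strings; the loose comparisons below were written against strings, so the
 * values are converted back to keep them behaving the same way.
 *
 * @param mysqli_result $result
 * @return array|null|false whatever mysqli_fetch_assoc() returned
 */
function getpath_fetch_row($result)
{
	$row = mysqli_fetch_assoc($result);
	if (is_array($row)) {
		foreach ($row as $column => $value) {
			if (is_int($value) || is_float($value)) {
				$row[$column] = (string)$value;
			}
		}
	}
	return $row;
}

/**
 * Return a request parameter, ending the request with $message when it is
 * missing or empty.
 */
function getpath_required($key, $message)
{
	if (!isset($_REQUEST[$key]) || $_REQUEST[$key] == "") {
		die ($message);
	}
	return $_REQUEST[$key];
}

/**
 * Look up `managername` for a manager id; ends the request with
 * $notfoundmessage when no such row exists.
 */
function getpath_manager_name($link, $managerid, $notfoundmessage)
{
	$query = getpath_query($link, "select * from ".DB_MANAGER_TAB." where `id` = ?", array($managerid));
	if (!$query) {
		die (ECHO_MYSQL_ERROR_QUERY_TABLE_TO_FIND);
	}
	if (mysqli_num_rows($query) == 0) {
		die ($notfoundmessage);
	}
	$row = getpath_fetch_row($query);
	return $row["managername"];
}

/**
 * Return the stored md5 for a file name in the manager's file table,
 * or false when the table has no row for that name.
 */
function getpath_file_md5($link, $manager, $filename)
{
	$query = getpath_query($link, "select * from ".SetDB_FILE_TAB($manager)." where `filename` = ?", array($filename));
	if (!$query) {
		die (ECHO_MYSQL_ERROR_QUERY_TABLE_TO_FIND);
	}
	if (mysqli_num_rows($query) == 0) {
		return false;
	}
	$row = getpath_fetch_row($query);
	return (string)$row["md5"];
}

if (isset($_SESSION["ceo"]) && $_SESSION["ceo"] == true) {
	// Mode 1: a logged-in console session asks for an upload path.
	$id = getpath_required("id", ECHO_NO_ID);
	$manager = $_SESSION["manager"];

	$query = getpath_query($link, "select * from ".DB_MANAGER_TAB." where `managername` = ?", array($manager));
	if (!$query) {
		die (ECHO_MYSQL_ERROR_QUERY_TABLE_TO_FIND);
	}
	if (mysqli_num_rows($query) == 0) {
		die (ECHO_ERROR);
	}
	$row = getpath_fetch_row($query);
	$power = $row["powertype"];
	$leaderid = $row["leaderid"];

	// powertype 65535 with leaderid 0 keeps the session's own manager name.
	$ownpath = ($power == 65535 && $leaderid == 0);
	if (!$ownpath) {
		if ($power != 65535 && $leaderid == $id) {
			// Otherwise only the account's own leader id is accepted, and the
			// path of that manager is returned.
			$manager = getpath_manager_name($link, $id, ECHO_ERROR);
		} else {
			die (ECHO_NO_ID);
		}
	}
	echo "upload/".md5($manager.DB_PWD.$manager)."/";
} else if (isset($_REQUEST["name"])) {
	// Mode 2: a user reports its version and asks for its mode/playlist files.
	$username = getpath_required("name", ECHO_NO_INPUTNAME);
	$managerid = getpath_required("managerid", ECHO_NO_ID);

	$net = "";
	if (isset($_REQUEST["net"])) {
		$net = $_REQUEST['net'];
	}

	$manager = getpath_manager_name($link, $managerid, ECHO_NO_ID);

	// NOTE(review): these session flags are set from request parameters alone,
	// before the user name has been checked against the user table and without
	// any credential. Any page that trusts $_SESSION["user"] inherits that.
	$_SESSION["user"] = true;
	$_SESSION["username"] = $username;
	$_SESSION["managername"] = $manager;

	if (!isset($_REQUEST['ver'])) {
		die (ECHO_ERROR);
	}
	$ver = $_REQUEST['ver'];
	if ($ver == "") {
		die (ECHO_ERROR);
	}
	$sql = "update ".SetDB_USER_TAB($manager)." set `ver` = ?";
	$params = array($ver);
	if (isset($_REQUEST['mcu'])) {
		$mcu = $_REQUEST['mcu'];
		if ($mcu != "") {
			$sql .= ", `mcu` = ?";
			$params[] = $mcu;
		}
	}
	$sql .= " where `username` = ?";
	$params[] = $username;
	getpath_query($link, $sql, $params) or die (ECHO_MYSQL_ERROR_QUERY_TABLE_TO_CHANGE);

	$query = getpath_query($link, "select * from ".SetDB_USER_TAB($manager)." where `username` = ?", array($username));
	if (!$query) {
		die (ECHO_MYSQL_ERROR_QUERY_TABLE_TO_FIND);
	}
	if (mysqli_num_rows($query) == 0) {
		die (ECHO_NO_INPUTNAME);
	}
	$row = getpath_fetch_row($query);
	$mode = $row["modexml"];
	$playlist = $row["playlistxml"];
	if ($net == "0") {
		$nowgprs = $row["extrainfo"];
		$nowlimit = $row["gprslimit"];
		if ($nowlimit != "") {
			// gprslimit is read as "<total>,<rest>"; a missing comma or an empty
			// total means no limit is applied.
			$commaloc = strpos($nowlimit, ",");
			if ($commaloc !== false && $commaloc > 0) {
				$nowlimittotal = substr($nowlimit, 0, $commaloc);
				// Over the limit: hand out no mode and no playlist.
				if ($nowgprs > $nowlimittotal * 1024 * 1024) {
					$mode = "";
					$playlist = "";
				}
			}
		}
	}
	mysqli_free_result($query);

	$md5 = "";
	if ($mode != "") {
		$found = getpath_file_md5($link, $manager, $mode);
		if ($found !== false) {
			$md5 = $found;
		}
	}
	$path = "upload/".md5($manager.DB_PWD.$manager)."/;;".$mode.";;".$md5;

	$md5 = "";
	if ($playlist != "") {
		$found = getpath_file_md5($link, $manager, $playlist);
		if ($found !== false) {
			$md5 = $found;
		}
	}
	$path .= ";;".$playlist.";;".$md5;
	echo $path;
} else if (isset($_REQUEST["group"])) {
	// Mode 3: a server (identified by `mac`) reports its state and group.
	$groupname = getpath_required("group", ECHO_NO_INPUTNAME);
	$managerid = getpath_required("managerid", ECHO_NO_ID);
	$servername = getpath_required("mac", ECHO_ERROR);
	$state = getpath_required("s", ECHO_ERROR);

	$manager = getpath_manager_name($link, $managerid, ECHO_NO_ID);

	$query = getpath_query($link, "select * from ".SetDB_SERVER_TAB($manager)." where `servername` = ?", array($servername));
	if (!$query) {
		die (ECHO_MYSQL_ERROR_QUERY_TABLE_TO_FIND);
	}
	$servernum = mysqli_num_rows($query);

	date_default_timezone_set('PRC');
	$now = time();
	if ($servernum != 0) {//exists
		$replaceflag = 0;
		$serverlist = "";
		$restartflag = 0;
		$restartcount = 0;
		if ($state == 0 || $state == 1) {
			// The row comes from the lookup above; it is not queried a second time.
			$row = getpath_fetch_row($query);
			if ($row) {
				$lastofftime = $row["online_time"];
				$laststate = $row["state"];
				$serverlist = $row["list"];
				$replaceflag = $row["replaceflag"];
				$restartcount = $row["restartcount"];
				if ($restartcount == "")
					$restartcount = 0;
				// Count a restart on these state transitions, or when the last
				// report is more than 60 seconds old.
				if (($state == 0 && $laststate != 0) || ($state == 1 && $laststate == 2) || ($now - $lastofftime) > 60) {
					$restartflag = 1;
					$restartcount++;
				}
			}
		}
		$sql = "update ".SetDB_SERVER_TAB($manager)." set `online_time` = ?, `state` = ?";
		$params = array($now, $state);
		if ($restartflag == 1) {
			$sql .= ", `lastofftime` = ?, `lastontime` = ?, `restartcount` = ?";
			array_push($params, $lastofftime, $now, $restartcount);
		}
		if (isset($_REQUEST["r"])) {// the board forces the change; the board takes priority
			$replaceflag = $_REQUEST["r"];
			if ($replaceflag != 0) {
				die (ECHO_ERROR);
			}
			$sql .= ", `list` = ?, `replaceflag` = '0'";
			$params[] = $groupname;
		} else {// the board did not change it
			if ($replaceflag == 0) {
				if ($serverlist != $groupname) {
					// the console did not change it either, but the stored list differs
					$sql .= ", `list` = ?";
					$params[] = $groupname;
				}
			} else {
				// the console changed it; the console's value wins
				$groupname = $serverlist;
				$sql .= ", `replaceflag` = '0'";
			}
		}
		if (isset($_REQUEST["v"])) {
			$version = $_REQUEST["v"];
			if ($version == "") {
				$version = "0";
			}
			$sql .= ", `version` = ?";
			$params[] = $version;
		}
		$sql .= " where `servername` = ?";
		$params[] = $servername;
		getpath_query($link, $sql, $params) or die (ECHO_MYSQL_ERROR_QUERY_TABLE_TO_CHANGE);
	} else {//not exists
		$sql = "insert into ".SetDB_SERVER_TAB($manager)." (`servername`,`alias`,`remarks`,`online_time`,`state`,`list`,`replaceflag`) values (?,'','',?,?,?,'0')";
		getpath_query($link, $sql, array($servername, $now, $state, $groupname)) or die (ECHO_MYSQL_ERROR_QUERY_TABLE_TO_INSERT);
	}

	$path = "upload/".md5($manager.DB_PWD.$manager)."/";
	// Prefer the group's own list file; fall back to the shared one.
	$xml = "list-".$groupname.".xml";
	$md5 = getpath_file_md5($link, $manager, $xml);
	if ($md5 === false) {
		$xml = "list-total.xml";
		$md5 = getpath_file_md5($link, $manager, $xml);
		if ($md5 === false) {
			$path .= ";;;;";
			echo $path;
			return;
		}
	}
	$path .= ";;".$xml.";;".$md5;
	echo $path;
}
mysqli_close($link);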
?>